[Server-devel] Edublog Beta Server shipped!

[Tony Pearson]

Team,
The XS School Server we build for Edublog has been shipped to its final 
destination today!  This is in support of Proyecto Ceibal of OLPC Uruguay. 
 Details of the poject here: 
http://wiki.laptop.org/go/Educational_Blogger_Project

Some key lessons learned:

(a) XS install on machine with two disk drives

The unattended-kickstart XS-163.iso image only works when there is a 
single disk drive.  If you have two or more disk drives, disconnect them 
during the initial install.  Other than that, the parts list for the 
hardware, and pictures of the assembly are here: 
http://wiki.laptop.org/go/User:Az990tony/edublog-beta-hw

(b) I was able to get "multi-boot" working. 

I still need to update my notes on this page: 
http://wiki.laptop.org/go/User:Az990tony/edublog-beta-sw

The OS images are:

        1.  XS-163 ( what we plan to do our primary development/test)
        2.  Fedora 7 (for comparison/test purposes)
        3.  Debian 4 (for potential porting of Edublog)
        4.  SysRescCD (to repair the other three)

The method could be extended to dual-boot for XS with WIndows for example, 
and maybe even XS with Apple Mac OS X.  Let me know if there is any 
interest in either Windows or Mac OS dual-boot scenarios.

(c) RAID and LVM2

While the BIOS of the motherboard advertised "RAID" capability, this is 
only BIOS-assisted RAID for Windows device drivers.  Linux calls this 
"fake raid" and is only supported on a few motherboards, but the one we 
had was not on the support list.    I was able to get instead "software 
raid" mirroring "raid1" and LVM2 logical volumes, but had troubles with 
this process.  Converting regular partitions to raid, or regular 
partitions to LVM is straight-forward, but converting either of these to 
LVM2+RAID was fraught with problems, especially if the LVM2+RAID contain 
any "root" directories needed to start the OS image.  For now, LVM2+RAID 
should only be used only for shared data directories that are 
non-essential for OS boot.

(d) Remote administration with SSH

Our development team is all over the place, so we set up "sshd" server 
with DSA private/public key pairs.  To make this feasible, I put the 
"/home" directory on LVM2 logical volume so that all of the OS images 
could access.  Fedora and Debian have different default userid value 
starting points, so I used "groupadd -g nnnn " to create a group, and 
"useradd -g nnnn -u mmmm  user" to create the users on each OS image. This 
ensures that everyone can read their own files regardless of which OS 
image they are running with.

I tested with a Windows SSH client (sshWindows on SourceForge.net), and 
was able to access the server successfully. 

(e) MySQL vs. PostgreSQL

Despite Tim's excellent set of notes, I was unable to get past his 
"test.php" phase, I just could not get Apache to have authorization to the 
postgresql databases from the PHP pages.  I hope the remote admin team can 
figure this out when needed.  As a fall-back, I installed MySQL which we 
know should have no problems with Moodle.

(f) Ethernet ports/devices/MAC addresses

A very frustrating aspect of the multi-boot process is that each OS 
assigns different "eth0/eth1/eth2/eth3" for the devices it finds. 
Following the XS-163 scheme of "eth0" being the WAN connection to the 
outside world, and "eth1/eth2" to be the internal LAN connections, there 
were means to set Fedora and Debian to match.  This way, "eth0" is always 
the WAN connection regardless of OS image currently running.

(g) Backup methodology

Seeing that moving partitions around, converting to raid, and LVM2, 
required a backup method, but the "Mondo Rescue" method deployed in 
OLE/Nepal did not handle the raid/LVM2 very well.

Instead, I was able to use "SysRescCD" (from http://sysresccd.org/) which 
is developed in France, and has English and Spanish instruction manuals. 
This was able to understand raid and LVM2 devices, and has "partimage" 
tool to backup regular partitions, raid-mirrored partitions, and LVM2 
logical volumes.

(h) Boot-CD and Recover-DVD

Part of the project was a "nice-to-have" requirement for a Recover DVD to 
rebuild the machine to original working state in case the devlopers do 
something bad that breaks the system.  I chose SysRescCD, customized to 
run "sshd" on boot with the appropriate settings, users and public keys in 
place.  I created a "Boot-CD" that is only 200MB, and a Recover-DVD which 
boots just like the Boot-CD, but has 3.7GB of backup files (mostly from 
"partimage" tool).  I did not have time to fully test an automated 
recovery, but was able to summarize the seven steps involved.  The 
advantage is that these seven recovery steps can be done by remote 
administration, you only need someone to reboot the XS with the Recovery 
DVD, and let the remote admins do the rest. 

(i) Rescue OS image on the disk drive itself

I wanted to put the SysRescCD on the hard disk itself, but again it 
assigns "eth0/eth1/eth2" differently than what I had already done with 
Fedora and Debian.  I worked with my new friends at SysRescCD, and they 
added a kernel parameter "nameif=" that allows me to specify "eth0" to be 
the motherboard port, "eth1" to be the top NIC and "eth2" to be the bottom 
NIC card, just as they are defined with the other OS images.  Here is the 
description:

http://www.sysresccd.org/news/2008/06/28/option-to-define-the-name-of-a-network-interface-using-the-mac-address/

With this parameter, I was able to match the "eth" settings of XS-163, and 
have it as a fourth "boot OS" image.   While SysRescCD can be put onto 
existing OS image partitions,  I chose instead to put this as /dev/sda1, 
and moved the shared /boot directory to /dev/sda2.

Hopefully, it will arrive and be online for development purposes next 
week.

Tony Pearson
http://wiki.laptop.org/go/User:Az990tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.laptop.org/pipermail/server-devel/attachments/20080702/54004447/attachment.htm